1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-12-27 00:48:07 +00:00
Commit Graph

815 Commits

Author SHA1 Message Date
dependabot[bot]
765b2d119d
Bump gorm.io/driver/postgres from 1.1.2 to 1.2.0 (#1033)
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres) from 1.1.2 to 1.2.0.
- [Release notes](https://github.com/go-gorm/postgres/releases)
- [Commits](https://github.com/go-gorm/postgres/compare/v1.1.2...v1.2.0)

---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-10-27 16:37:07 +03:00
dependabot[bot]
a75afff77f
Bump github.com/aws/aws-sdk-go from 1.41.6 to 1.41.11 (#1031)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.41.6 to 1.41.11.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.41.6...v1.41.11)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-10-27 13:51:26 +03:00
ycabrer
7a47197d8b
Allow for usage of env var K8S_HOST in psql (#1026)
* Allow for usage of env var `K8S_HOST` in psql

* small typo fix

* typo fix
2021-10-27 13:32:10 +03:00
tonyqui
11136317f2
Fix experimental-encryption-provider-config test on OCP 3.11 - Issue #926 (#1024)
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-10-27 12:56:00 +03:00
dependabot[bot]
0de52d9818
Bump github.com/aws/aws-sdk-go from 1.41.0 to 1.41.6 (#1027)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.41.0 to 1.41.6.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.41.0...v1.41.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-10-27 12:29:24 +03:00
dependabot[bot]
cdc49f28b0
Bump github.com/aws/aws-sdk-go from 1.40.55 to 1.41.0 (#1022)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.55 to 1.41.0.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.55...v1.41.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-10-20 12:29:34 +03:00
dependabot[bot]
2212c8a1f3
Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5 (#1021)
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.16.4 to 1.16.5.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.4...v1.16.5)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-10-14 15:04:02 +03:00
dependabot[bot]
e9b613717f
Bump gorm.io/gorm from 1.21.15 to 1.21.16 (#1020)
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.21.15 to 1.21.16.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.21.15...v1.21.16)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-14 15:03:39 +03:00
dependabot[bot]
23d4b496f6
Bump gorm.io/driver/postgres from 1.1.1 to 1.1.2 (#1017)
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/go-gorm/postgres/releases)
- [Commits](https://github.com/go-gorm/postgres/compare/v1.1.1...v1.1.2)

---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-10-05 15:23:00 +03:00
dependabot[bot]
9f5ec2ba47
Bump github.com/aws/aws-sdk-go from 1.40.51 to 1.40.55 (#1016)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.51 to 1.40.55.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.51...v1.40.55)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-05 10:45:36 +03:00
Lennard Klein
70fa2cc0d5
Add various paths as used by Talos (#1009)
Implements #1008
2021-10-04 10:10:13 +03:00
Yoav Rotem
0e6184186f
Update release.yml (#1014) 2021-10-03 15:32:27 +03:00
Yoav Rotem
04292261a2
Update release.yml (#1013)
* Update release.yml

* Update release.yml
2021-10-03 14:53:37 +03:00
Lennard Klein
5f7fb350a7
Add a trailing slash to find directory path (#1006)
This transplants #687 to cis-1.6 and cis-1.20. Fixes #686 for cis-1.6 and cis-1.20.
2021-10-03 13:08:28 +03:00
Huang Huang
e50de8145c
Fix status of cis-1.20 1.2.25 should be Manual (#1010)
* fix status of cis-1.20 1.2.25 should be Manual

* Fix tests

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-10-03 13:00:58 +03:00
Huang Huang
bfd67496d9
fix integration test not testing latest code and can't run test on local (#1011) 2021-10-03 11:43:43 +03:00
dependabot[bot]
36056797df
Bump github.com/aws/aws-sdk-go from 1.40.45 to 1.40.51 (#1005)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.45 to 1.40.51.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.45...v1.40.51)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-29 16:51:51 +03:00
Jeff Robertson
37581e45ca
fix typo in readme (#917)
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-09-29 15:06:23 +03:00
dependabot[bot]
0aea4ca909
Bump github.com/fatih/color from 1.12.0 to 1.13.0 (#1004)
Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/fatih/color/releases)
- [Commits](https://github.com/fatih/color/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: github.com/fatih/color
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-09-29 14:54:27 +03:00
dependabot[bot]
5b2051f5b1
Bump k8s.io/client-go from 0.22.1 to 0.22.2 (#999)
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.22.1 to 0.22.2.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.22.1...v0.22.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-09-29 14:44:44 +03:00
dependabot[bot]
25744cd892
Bump github.com/spf13/viper from 1.8.1 to 1.9.0 (#998)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.8.1...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-09-29 13:52:41 +03:00
dependabot[bot]
d0a4ac86f7
Bump github.com/aws/aws-sdk-go from 1.40.37 to 1.40.45 (#997)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.37 to 1.40.45.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.37...v1.40.45)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-22 14:46:43 +03:00
dependabot[bot]
01afd27cb3
Bump gorm.io/driver/postgres from 1.1.0 to 1.1.1 (#989)
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/go-gorm/postgres/releases)
- [Commits](https://github.com/go-gorm/postgres/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-09-19 15:54:27 +03:00
dependabot[bot]
2662c07e2b
Bump golang from 1.17.0 to 1.17.1 (#988)
Bumps golang from 1.17.0 to 1.17.1.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-19 15:26:10 +03:00
Yoav Rotem
2bbdf8ceac
Remove make integration-testing (#986)
Use a different logic now
2021-09-13 01:15:28 +03:00
dependabot[bot]
10ba0adb2d
Bump gorm.io/gorm from 1.21.13 to 1.21.14 (#979)
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.21.13 to 1.21.14.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.21.13...v1.21.14)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-09-09 18:16:45 +03:00
dependabot[bot]
9863f21984
Bump github.com/aws/aws-sdk-go from 1.40.33 to 1.40.37 (#982)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.33 to 1.40.37.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.33...v1.40.37)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:29:40 +03:00
Dave Hay
6d758d2011
Update/upgrade Alpine before installing openssl (#981)
Mitigating CVE-2021-3711 and CVE-2021-3712

Signed-off-by: Dave Hay <david_hay@uk.ibm.com>

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-09-05 17:48:33 +03:00
dependabot[bot]
b238a18aaa
Bump github.com/aws/aws-sdk-go from 1.40.28 to 1.40.33 (#978)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.28 to 1.40.33.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.28...v1.40.33)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-09-02 17:21:27 +03:00
dependabot[bot]
2b6d21a652
Bump alpine from 3.14.1 to 3.14.2 (#977)
Bumps alpine from 3.14.1 to 3.14.2.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-01 10:00:35 +03:00
brainfair
548b021340
Add node kubelet config path (#961)
In kubespray tool we have another path for kubelet config, add them to kube-bench config on top

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-30 16:02:26 +03:00
Nick Keenan
946a48ca74
Fix 4.1.9, skip irremediable checks, add /home/kubernetes mount (#976)
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-30 15:33:59 +03:00
dependabot[bot]
ed484cae83
Bump github.com/aws/aws-sdk-go from 1.40.18 to 1.40.28 (#975)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.18 to 1.40.28.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.18...v1.40.28)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-30 14:58:58 +03:00
dependabot[bot]
a985e6bdf6
Bump k8s.io/client-go from 0.22.0 to 0.22.1 (#974)
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.22.0 to 0.22.1.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.22.0...v0.22.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-30 13:56:32 +03:00
dependabot[bot]
89a7e7a82d
Bump golang from 1.16 to 1.17.0 (#973)
Bumps golang from 1.16 to 1.17.0.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-30 11:47:18 +03:00
dependabot[bot]
f20539930e
Bump gorm.io/gorm from 1.21.12 to 1.21.13 (#966)
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.21.12 to 1.21.13.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.21.12...v1.21.13)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-30 11:38:07 +03:00
dependabot[bot]
e2e1566a35
Bump github.com/aws/aws-sdk-go from 1.40.14 to 1.40.18 (#957)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.14 to 1.40.18.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.14...v1.40.18)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-11 12:45:13 +03:00
dependabot[bot]
ee1fd825a7
Bump alpine from 3.14.0 to 3.14.1 (#956)
Bumps alpine from 3.14.0 to 3.14.1.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-10 12:04:15 +03:00
Matthieu MOREL
b1119f588e
chore(ci) update k8s.io/client-go and github.com/spf13/cobra to latest (#955)
* Update github.com/spf13/cobra

* chore(ci) update k8s.io/client-go and github.com/spf13/cobra to latest
2021-08-09 17:40:21 +03:00
Matthieu MOREL
c91a9434c0
Update Gorm (#950)
* Migrate from github.com/jinzhu/gorm to gorm.io/gorm

* apply gofmt

* github.com/aws/aws-sdk-go

* fix
2021-08-09 11:40:01 +03:00
dependabot[bot]
42da8c681c
Bump github.com/aws/aws-sdk-go from 1.40.13 to 1.40.14 (#949)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.13 to 1.40.14.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.13...v1.40.14)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-04 17:07:56 +03:00
Matthieu MOREL
8ac8ebfc2a
Update Dependencies (#941)
* Create dependabot.yml

* Bump crazy-max/ghaction-docker-meta from 1 to 3.4.0 (#1)

Bumps [crazy-max/ghaction-docker-meta](https://github.com/crazy-max/ghaction-docker-meta) from 1 to 3.4.0.
- [Release notes](https://github.com/crazy-max/ghaction-docker-meta/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/crazy-max/ghaction-docker-meta/compare/v1...v3.4.0)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-docker-meta
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update .yamllint.yaml

* Update .yamllint.yaml

* Update dependabot.yml

* Update dependabot.yml

* Bump github.com/onsi/ginkgo from 1.10.1 to 1.16.4 (#2)

Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.10.1 to 1.16.4.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.10.1...v1.16.4)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/stretchr/testify from 1.4.0 to 1.7.0 (#4)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.4.0 to 1.7.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.4.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/fatih/color from 1.5.0 to 1.12.0 (#6)

Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.5.0 to 1.12.0.
- [Release notes](https://github.com/fatih/color/releases)
- [Commits](https://github.com/fatih/color/compare/v1.5.0...v1.12.0)

---
updated-dependencies:
- dependency-name: github.com/fatih/color
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/magiconair/properties from 1.8.0 to 1.8.5 (#3)

Bumps [github.com/magiconair/properties](https://github.com/magiconair/properties) from 1.8.0 to 1.8.5.
- [Release notes](https://github.com/magiconair/properties/releases)
- [Changelog](https://github.com/magiconair/properties/blob/main/CHANGELOG.md)
- [Commits](https://github.com/magiconair/properties/compare/v1.8.0...v1.8.5)

---
updated-dependencies:
- dependency-name: github.com/magiconair/properties
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.35.28 to 1.39.6 (#7)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.35.28 to 1.39.6.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.35.28...v1.39.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump gopkg.in/yaml.v2 from 2.3.0 to 2.4.0 (#8)

Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.3.0...v2.4.0)

---
updated-dependencies:
- dependency-name: gopkg.in/yaml.v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/spf13/viper from 1.4.0 to 1.8.1 (#9)

Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.4.0 to 1.8.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.4.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/spf13/cobra from 0.0.3 to 0.0.7 (#10)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.3 to 0.0.7.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v0.0.3...0.0.7)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.39.6 to 1.40.0 (#11)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.39.6 to 1.40.0.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.39.6...v1.40.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump crazy-max/ghaction-docker-meta from 3.4.0 to 3.4.1 (#12)

Bumps [crazy-max/ghaction-docker-meta](https://github.com/crazy-max/ghaction-docker-meta) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/crazy-max/ghaction-docker-meta/releases)
- [Commits](https://github.com/crazy-max/ghaction-docker-meta/compare/v3.4.0...v3.4.1)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-docker-meta
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.40.0 to 1.40.1 (#13)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.0 to 1.40.1.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.0...v1.40.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.40.1 to 1.40.7 (#21)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.1 to 1.40.7.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.1...v1.40.7)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump codecov/codecov-action from 1 to 2.0.2 (#20)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 1 to 2.0.2.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v1...v2.0.2)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update build.yml

* Update mkdocs-deploy.yaml

* Update publish.yml

* Update mkdocs-deploy.yaml

* Bump github.com/aws/aws-sdk-go from 1.40.7 to 1.40.9 (#23)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.7 to 1.40.9.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.7...v1.40.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update .github/workflows/publish.yml

* Update .github/workflows/build.yml

* Update mkdocs-deploy.yaml

* Update build.yml

* Update dependabot.yml

* Update dependabot.yml

* Bump alpine from 3.13 to 3.14.0 (#27)

Bumps alpine from 3.13 to 3.14.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.40.9 to 1.40.13 (#28)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.9 to 1.40.13.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.9...v1.40.13)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-04 11:38:18 +03:00
Dave Hay
222e696934
Upgrading apk-tools (#944)
Upgrading apk-tools to remediate CVE-2021-36159
( https://snyk.io/vuln/SNYK-ALPINE314-APKTOOLS-1533752 )

Fixes #943

Signed-off-by: Dave Hay <david_hay@uk.ibm.com>

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-03 17:21:24 +03:00
Yoav Rotem
25ba9e2fad
New integration testing (#947)
* Fix Junit missing testsuites 

Fix issue https://github.com/aquasecurity/kube-bench/issues/883 but also bug with overriding output when --outputfile is effective and only write the last controls

* test new integration

* Update build.yml

* add wait for job to be ready

* Update build.yml

* Update build.yml

* Update build.yml

* test

* Update job.yaml

* Add wait

* test for logs

* Update job.yaml

* Create Expected_output.data

* Update build.yml

* Update build.yml

* remove empty line

* Add new line at the end

* add ---

* Delete docker.go

* Delete integration.go

* Delete integration_test.go

* Delete integration/testdata/cis-1.20 directory

* Delete integration/testdata/cis-1.6 directory

* Update integration testing

* Remove integration tests

Removed integration testing to github action

* Update build.yml
2021-08-03 17:10:50 +03:00
Yoav Rotem
f74149d4ab
Update goreleaser (#929)
* Fix Junit missing testsuites 

Fix issue https://github.com/aquasecurity/kube-bench/issues/883 but also bug with overriding output when --outputfile is effective and only write the last controls

* Deprecated files command

* Update .goreleaser.yml

Remove deprecated files, and fix https://github.com/aquasecurity/kube-bench/issues/925
2021-07-14 15:50:12 +03:00
Nick
cb7ee765a3
K8s Job Command Clean (#923)
* Update commands

* oopsy on run command

* update reference version for iks to be 120

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-07-07 18:21:30 +03:00
Hacks4Snacks
016d67bade
cis-1.20 section 1.1.10 command revision. (#922)
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-07-07 18:06:50 +03:00
Dave Hay
42f479596c
doc(install): Adding detail and example for build (#928)
- Added to the `Installing from sources`
- Includes `git clone` etc.
- Also includes comments

Signed-off-by: Dave Hay <david_hay@uk.ibm.com>
2021-07-07 10:56:33 +03:00
Yoav Rotem
14aef408e8
Fix Junit missing testsuites (#920)
Fix issue https://github.com/aquasecurity/kube-bench/issues/883 but also bug with overriding output when --outputfile is effective and only write the last controls
2021-06-23 18:01:24 +03:00
Yoav Rotem
aedc2942bd
Check string size (#915)
ASFF ProductFields[] string can't be longer than 1024 characters, could explain https://github.com/aquasecurity/kube-bench/issues/903
`Message:Finding does not adhere to Amazon Finding Format. data.Remediation.Recommendation.Text should NOT be longer than 512 characters.
Error Code:InvalidInput`
2021-06-20 14:28:22 +03:00